# Quick Overview

## **Application Overview**

Hideez Authenticator is a free app for Android and iOS that turns your smartphone into a reliable key for logging into services and workstations. With this app, you can quickly, securely, and conveniently access your data.

{% hint style="info" %}
**Minimum iOS version**: 13\
**Minimum Android version**: 8
{% endhint %}

Hideez Authenticator is part of the Hideez Authentication Service and is used in corporate projects. For it to work, you need a configured server and the Hideez Client app installed on your computer.

## **Key Features**

* Passwordless Single Sign-On (SSO) to web services and applications using biometrics or QR code
* Two-factor authentication (2FA) through SAML and OIDC protocols for secure access to applications and services
* Passwordless login to Microsoft services (e.g., Exchange OWA)
* Passwordless login to Windows workstations
* Login to workstations via RDP using a smartphone
* One-Time Password (OTP) generation for 2FA
* FIDO standards support for high-security levels
* Protection from phishing attacks, unauthorized access, and account hijacking
* Compliance with strict security requirements for protecting critical data (FIDO Alliance)

## **Requirements for Operation**

### **For passwordless login to web services and applications:**

* The user must be registered on the server with the app installed
* Hideez Authenticator must be enabled as the authentication method for SSO
* Web services and applications must support SAML, OIDC protocols
* Integrations with web services via SAML, OIDC, WS-Federation protocols must be set up on the server

### **For passwordless login to a PC (local Active Directory accounts):**

* Corporate version of Hideez Client must be installed on the computer
* The computer must run Windows 10/11 and support TPM 2.0 module
* The computer must be connected to an Active Directory domain
* A configured certificate server (Certificate Authority) in the Active Directory domain
* The server must be accessible both for Hideez Client and the mobile app
* A specially configured certificate template on the certificate server (see Certificate Authority settings in Active Directory)

### **For password-based login to a PC (password-based account):**&#x20;

{% hint style="info" %}
Users can also log in to the workstation using a password-based account. To do so, they must set the password themselves once during the account creation process. After that, the login will proceed by scanning a QR code and confirming in the app.
{% endhint %}

* Corporate version of Hideez Client must be installed on the computer
* The user must be registered on the server
* The server must be accessible both for Hideez Client and the mobile app:
  * The computer and smartphone must be on the same network, or the server must have a public IP address

{% hint style="info" %}
Українську версію цього керівництва можна знайти [тут.](https://authenticator-ua.hideez.com/)
{% endhint %}